In many enterprise environments, a domain controller or other authentication entity stores sets of user passwords, possibly in hashed form. Examples of such authentication entities include Microsoft domain controllers, which typically authenticate users through a service referred to as Active Directory. Password storage in these and other authentication entities can present a critical vulnerability to the security of an enterprise environment. There have been numerous high-profile breaches in which attackers have seized and cracked sets of weak, hashed passwords stored in a Microsoft domain controller, thereby achieving bulk compromise of user accounts. Domain controllers or other similar authentication entities may therefore represent a single point of compromise for a stored set of user passwords.
It is known that the security of a hashed password can be improved by utilizing so-called “salt,” a random value that serves as an additional input to the hash function applied to the password. However, many enterprise environments perform hashing without the use of salt, often for reasons relating to legacy compatibility.
Particularly vulnerable are domain controllers storing passwords in the deprecated LAN Manager (LM) hash format, which lacks salt and partitions passwords of fourteen or fewer characters into seven-character segments that are hashed independently, and is therefore vulnerable to fast attack by means of a rainbow table. While Windows Vista and Windows Server 2008 disabled LM hash by default, LM hash is retained in certain networks to ensure compatibility with legacy systems. The later NTLMv1 protocol (now deprecated) and the currently recommended NTLMv2 protocol, however, both rely on an MD4-based hash function, referred to as the NT LAN Manager (NTLM) hash, which likewise lacks salt and is consequently vulnerable to rainbow table attacks. Thus, in these systems, only high-entropy passwords of at least fifteen characters in length are definitively resistant to cracking.
Windows 2000 and subsequent Windows operating system releases recommend utilization of KERBEROS authentication, which is also supported by Active Directory. See IETF RFC 4120, C. Neuman et al., “The Kerberos Network Authentication Service (V5),” July 2005, which is incorporated by reference herein. KERBEROS v5 hashes passwords with salt, creating resistance to rainbow table attacks. But weak user passwords in KERBEROS v5 remain vulnerable to brute-force cracking.
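The following is an added example, not code from the patent or from any of the systems it names. It illustrates the three properties the preceding paragraphs describe: an unsalted hash can be matched against a precomputed table, the LM-style split into independently hashed seven-character halves lets halves harvested from short words recover longer passwords assembled from them, and a per-user salt (the pattern Kerberos v5 follows) defeats the same precomputed table. SHA-256 is used as a stand-in for the MD4-based NT hash and for the DES step of LM, since the property under discussion is the absence of salt and the partitioning, not the digest algorithm; the wordlist and passwords are constructed, and the function and variable names are the example's own.

```python
import hashlib
import secrets
from typing import Optional

# Constructed wordlist standing in for an attacker-side precomputed table.
# A real rainbow table covers a far larger candidate space; the point here is
# that precomputation only pays off when the stored hash has no per-user salt.
WORDLIST = ["password", "welcome", "letmein", "summer", "2024", "admin", "qwerty"]


def unsalted_hash(password: str) -> str:
    """Unsalted digest. SHA-256 stands in for the MD4-based NT hash (assumption
    of this example); what matters is that there is no per-user salt."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """Salted digest: the salt is hashed together with the password, so the
    stored value differs per user even for identical passwords."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def _lm_normalize(password: str) -> str:
    # LM-style preprocessing: upper-case, then truncate/pad to 14 characters.
    return password.upper()[:14].ljust(14, "\0")


def lm_style_halves(password: str) -> tuple:
    """Toy model of the LM partitioning: the 14-character string is split into
    two 7-character halves, each hashed independently and without salt.
    (Real LM uses each half as a DES key; the digest here is a stand-in.)"""
    p = _lm_normalize(password)
    return unsalted_hash(p[:7]), unsalted_hash(p[7:])


def build_table(candidates) -> dict:
    """Precomputed digest -> candidate map for whole, unsalted passwords."""
    return {unsalted_hash(c): c for c in candidates}


def build_half_table(candidates) -> dict:
    """Precomputed map of LM-style 7-character halves. Because each half is
    hashed on its own, halves taken from short words also match the halves of
    longer passwords built from them."""
    halves = set()
    for c in candidates:
        p = _lm_normalize(c)
        halves.update((p[:7], p[7:]))
    return {unsalted_hash(h): h for h in halves}


def crack_unsalted(stored: str, table: dict) -> Optional[str]:
    """Table lookup: constant-time recovery when the digest was precomputed."""
    return table.get(stored)


def crack_lm_style(stored_halves: tuple, half_table: dict) -> Optional[str]:
    """Recover both halves independently; case is lost and padding stripped,
    as with real LM."""
    h1, h2 = stored_halves
    if h1 in half_table and h2 in half_table:
        return (half_table[h1] + half_table[h2]).rstrip("\0")
    return None


def compare_schemes(password: str) -> dict:
    """Store one constructed password under the three schemes and report what
    the same precomputed tables recover from each stored form."""
    table = build_table(WORDLIST)
    half_table = build_half_table(WORDLIST)
    salt = secrets.token_bytes(16)  # per-user random salt
    return {
        "unsalted_whole": crack_unsalted(unsalted_hash(password), table),
        "lm_style": crack_lm_style(lm_style_halves(password), half_table),
        # The salted digest was never precomputed, so the table misses it.
        "salted": crack_unsalted(salted_hash(password, salt), table),
    }


def same_password_shares_digest(password: str) -> tuple:
    """Two users with the same password: identical unsalted digests mean one
    table hit compromises both accounts; salted digests differ."""
    s1, s2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return (unsalted_hash(password) == unsalted_hash(password),
            salted_hash(password, s1) == salted_hash(password, s2))


if __name__ == "__main__":
    for pw in ("password", "Welcome2024"):
        print(pw, compare_schemes(pw))
    print(same_password_shares_digest("password"))
```

Running it shows that "Welcome2024" is not in the wordlist and so is not recovered from its whole unsalted digest, yet its LM-style halves ("WELCOME" and "2024" with padding) are both present in the half table built from the short words "welcome" and "2024", which is why the patent text treats the seven-character partitioning as a separate weakness from the missing salt. The salted digest is missed by the same table in every case, and two users sharing a password get distinct salted digests, removing the single table hit that would otherwise compromise both.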
Accordingly, a need exists for improved authentication techniques that can address vulnerabilities associated with weak user passwords.